Commit bbea03f4 authored Jul 06, 2023 by Christian Göttsche Committed by Paul Moore Jul 18, 2023

selinux: check for multiplication overflow in put_entry()



The function is always inlined and most of the time both relevant
arguments are compile time constants, allowing compilers to elide the
check.  Also the function is part of outputting the policy, which is not
performance critical.

Also convert the type of the third parameter into a size_t, since it
should always be a non-negative number of elements.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

parent 5b0eea83

security/selinux/ss/policydb.h

+5 −2

Original line number	Diff line number	Diff line
		@@ -366,9 +366,12 @@ static inline int next_entry(void buf, struct policy_file fp, size_t bytes)
		return 0;
		}

		static inline int put_entry(const void buf, size_t bytes, int num, struct policy_file fp)
		static inline int put_entry(const void buf, size_t bytes, size_t num, struct policy_file fp)
		{
		size_t len = bytes * num;
		size_t len;

		if (unlikely(check_mul_overflow(bytes, num, &len)))
		return -EINVAL;

		if (len > fp->len)
		return -EINVAL;